1. Field of Invention
This invention relates to computer applications which protect a corporate enterprise from security incidents, including unauthorized intrusions and malicious computer programs.
2. Description of Prior Art
The foundation of a good cyber-security policy for any corporate or government enterprise is a security risk assessment: the probability of a security incident and the impact if it were to occur. The amount of risk that can be tolerated and how to mitigate the risk can be determined based upon the risk assessment.
A security risk assessment is difficult to perform, due in part to the difficulty of assessing impact. The impact of a security incident is most often related to the data which could be compromised, and the most difficult data to assess are corporate secrets. Corporate secrets are often located in text documents, digital slide presentations and spreadsheets. It is difficult locating and assessing the value of these documents throughout a large enterprise.